Scribd Logo
Upload

Welcome to Scribd!

  • SSL-Secure Sockets Layer: SSL Handshake With and Without Client Authentication

    Uploaded by

    Sugumaran Perumal
    10 views11 pages
    SSL (Secure Sockets Layer) provides encryption and authentication for communication over the internet. It allows clients to verify a server's identity through certificates and ensures data in transit is encrypted to maintain confidentiality. SSL supports both server authentication, where the client verifies the server, and client authentication, where the server verifies the client using public key cryptography and digital certificates.

    Original Description:

    Original Title

    SSL Handshakes

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    SSL (Secure Sockets Layer) provides encryption and authentication for communication over the internet. It allows clients to verify a server's identity through certificates and ensures data in transit is encrypted to maintain confidentiality. SSL supports both server authentication, where the client verifies the server, and client authentication, where the server verifies the client using public key cryptography and digital certificates.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    10 views11 pages

    SSL-Secure Sockets Layer: SSL Handshake With and Without Client Authentication

    Uploaded by

    Sugumaran Perumal
    SSL (Secure Sockets Layer) provides encryption and authentication for communication over the internet. It allows clients to verify a server's identity through certificates and ensures data in transit is encrypted to maintain confidentiality. SSL supports both server authentication, where the client verifies the server, and client authentication, where the server verifies the client using public key cryptography and digital certificates.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    of 11

    SSL- Secure Sockets Layer

    SSL handshake with and without Client authentication

    Services Provided by SSL


    SSL encrypts data so that no one who intercepts is able to read it. SSL can assure a client that they are dealing with the genuine server they intended to connect to. SSL can prevent any unauthorized clients from connecting to the server.

    Services Provided by SSL


    These capabilities address fundamental concerns about communication over the Internet and other TCP/IP networks: SSL server authentication SSL client authentication An encrypted SSL connection

    SSL Server Authentication


    SSL server authentication allows a user to confirm a server's identity. SSL-enabled client software can use standard techniques of public-key cryptography to check that a server's certificate and public ID are valid and have been issued by a certificate authority (CA) listed in the client's list of trusted CAs. This confirmation might be important if the user, for example, is sending a credit card number over the network and wants to check the receiving server's identity.
    4

    SSL Client Authentication


    SSL client authentication allows a server to confirm a user's identity. Using the same techniques as those used for server authentication, SSL-enabled server software can check that a client's certificate and public ID are valid and have been issued by a certificate authority (CA) listed in the server's list of trusted CAs. This confirmation might be important if the server, for example, is a bank sending confidential financial information to a customer and wants to check the recipient's identity.
    5

    An encrypted SSL connection


    An encrypted SSL connection requires all information sent between a client and a server to be encrypted by the sending software and decrypted by the receiving software, thus providing a high degree of confidentiality. Confidentiality is important for both parties to any private transaction. In addition, all data sent over an encrypted SSL connection is protected with a mechanism for detecting tampering--that is, for automatically determining whether the data has been altered in 6 transit.

    SSL Handshake without Client Auth

    SSL Alerts

    SSL with client auth

    Guarantees of SSL
    The server you want to contact is the one you got. No attacker can read or modify the data being transmitted between you and the Web server.

    10

    Thank You
    11

    You might also like